With more than 100 million active users, Instagram has become hackers’ new favorite playground. New scam or phishing events have been reported recently.
New hacking tricks adpoted on Instagram
A scam has recently been detected on Instagram. Scammers first use hacked Instagram accounts to post pornographic images to lure victims to visit these fake user profiles, where a shorted URL is displayed. This URL then sends users to a site with a survey asking if they want to accept a request from women who desire ‘quick sex.’
After completing the survey, users will be redirected to an adult dating site containing an affiliate identification number. The affiliate, or say the scammer in this case, can earn money once users sign up to this site via the link.
(Image source: Symantec)
In addition to the pornographic trick, there are other types of scam on Instagram. For example, the promise of making easy money is another frequently-used phishing method.
In this case, users receive comments from unknown accounts. These comments have nothing to do with the picture itself, like ‘Visit the link in my profile to download a free game and get a $100 reward.’
How to protect yourself against these scams?
How attackers hack these accounts still remains unknown, but security researchers sussgest that it may be due to weak passwords or re-used passwords. These unknown accounts bear similar features, including:
– Use a beautiful girl image as profile picture
– No picture shared before
– There is a shortened URL in their profile
Although the short URL may differ, they all redirect users to the same page that provides a job opportunity on the social media, along with some promotion message like ‘Simply browsing around Facebook or Instagram, you can make money.’ Users are then required to provide their name and e-mail to apply for these easy tasks, putting users personal information at risk.
To protect yourself against this type of scams, here are some tips for you:
– Change the privacy setting for your Instagram account to control who can follow you.
– Do not follow unknown users.
– Do not click any suspicious link unless you are sure to which site you will be redirected.
– Do not follow users who have no pictures, and reject follow requests from users you don’t know.
Stay alert on the Internet. If something sounds to good too be true, then probably it isn’t.
Learn more about 360 Total Security